From deda0116bc87e8bb0ea810452e00df67df516dfd Mon Sep 17 00:00:00 2001 From: David Aguilar Date: Sun, 27 Dec 2015 20:43:09 -0800 Subject: [PATCH] views: allow token authentication for change_password Allow token authentication for the change_password endpoint. This makes it possible change passwords from a json request. Related-to: #421 Signed-off-by: David Aguilar --- flask_security/views.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/flask_security/views.py b/flask_security/views.py index 7ad03bfe..63ff5b7c 100644 --- a/flask_security/views.py +++ b/flask_security/views.py @@ -17,7 +17,7 @@ from .confirmable import send_confirmation_instructions, \ confirm_user, confirm_email_token_status -from .decorators import login_required, anonymous_user_required +from .decorators import anonymous_user_required, auth_required from .passwordless import send_login_instructions, \ login_token_status from .recoverable import reset_password_token_status, \ @@ -292,7 +292,7 @@ def reset_password(token): **_ctx('reset_password')) -@login_required +@auth_required('session', 'token', 'basic') def change_password(): """View function which handles a change password request."""